
[GNUnet-SVN] [libmicrohttpd] 06/10: Check TLS strings lengths


From: gnunet
Subject: [GNUnet-SVN] [libmicrohttpd] 06/10: Check TLS strings lengths
Date: Tue, 21 May 2019 21:29:10 +0200

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a commit to branch master
in repository libmicrohttpd.

commit c593fa6b8280fec44766ff4986950643837bb8ac
Author: Evgeny Grin (Karlson2k) <address@hidden>
AuthorDate: Tue May 21 21:04:43 2019 +0300

    Check TLS strings lengths
---
 src/microhttpd/daemon.c | 53 ++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 48 insertions(+), 5 deletions(-)

diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 57f59a57..b4ed655d 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -517,8 +517,18 @@ MHD_init_daemon_certificate (struct MHD_Daemon *daemon)
 #endif
   if (NULL != daemon->https_mem_trust)
     {
+      size_t paramlen;
+      paramlen = strlen (daemon->https_mem_trust);
+      if (UINT_MAX < paramlen)
+        {
+#ifdef HAVE_MESSAGES
+          MHD_DLOG(daemon,
+                   "Too long trust certificate\n");
+#endif
+          return -1;
+        }
       cert.data = (unsigned char *) daemon->https_mem_trust;
-      cert.size = strlen (daemon->https_mem_trust);
+      cert.size = (unsigned int) paramlen;
       if (gnutls_certificate_set_x509_trust_mem (daemon->x509_cred,
                                                  &cert,
                                                 GNUTLS_X509_FMT_PEM) < 0)
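Review bot: The new log message `"Too long trust certificate\n"` here, and `"Too long key or certificate\n"` in the next hunk, are the only messages in this commit not wrapped in `_()`, so they will not be localized like the PSK and Diffie-Hellman messages added further down; `MHD_DLOG (daemon, _("Too long trust certificate\n"));` matches the style of the other new sites (including the space before the parenthesis). The `(unsigned int) paramlen` cast is sound given the preceding `UINT_MAX < paramlen` guard, since gnutls_datum_t carries an unsigned int size. MHD_init_daemon_certificate begins and ends outside the hunk, so it is not visible whether the new `return -1` mirrors the cleanup the existing error paths perform on daemon->x509_cred; worth confirming.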
@@ -540,10 +550,24 @@ MHD_init_daemon_certificate (struct MHD_Daemon *daemon)
   if ( (NULL != daemon->https_mem_cert) &&
        (NULL != daemon->https_mem_key) )
     {
+      size_t param1len;
+      size_t param2len;
+
+      param1len = strlen (daemon->https_mem_key);
+      param2len = strlen (daemon->https_mem_cert);
+      if ( (UINT_MAX < param1len) ||
+           (UINT_MAX < param2len) )
+        {
+#ifdef HAVE_MESSAGES
+          MHD_DLOG(daemon,
+                   "Too long key or certificate\n");
+#endif
+          return -1;
+        }
       key.data = (unsigned char *) daemon->https_mem_key;
-      key.size = strlen (daemon->https_mem_key);
+      key.size = (unsigned int)param1len;
       cert.data = (unsigned char *) daemon->https_mem_cert;
-      cert.size = strlen (daemon->https_mem_cert);
+      cert.size = (unsigned int)param2len;
 
       if (NULL != daemon->https_key_password) {
 #if GNUTLS_VERSION_NUMBER >= 0x030111
@@ -2224,7 +2248,16 @@ psk_gnutls_adapter (gnutls_session_t session,
       free (app_psk);
       return -1;
     }
-  key->size = app_psk_size;
+  if (UINT_MAX < app_psk_size)
+    {
+#ifdef HAVE_MESSAGES
+      MHD_DLOG (daemon,
+                _("PSK authentication failed: PSK too long\n"));
+#endif
+      free (app_psk);
+      return -1;
+    }
+  key->size = (unsigned int)app_psk_size;
   memcpy (key->data,
          app_psk,
          app_psk_size);
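Review bot: The new size guard runs after key->data has apparently already been allocated — the preceding `free (app_psk); return -1;` block reads as an allocation-failure branch — so the new `return -1` would leak that buffer and leave key->data pointing at it. Performing the `UINT_MAX < app_psk_size` check before the allocation avoids the problem entirely; otherwise release the buffer before returning, e.g. `gnutls_free (key->data); key->data = NULL;` (assuming it was obtained with gnutls_malloc, which the hunk does not show). psk_gnutls_adapter begins outside the hunk, so the allocation itself is inferred rather than visible.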
@@ -5042,6 +5075,7 @@ parse_options_va (struct MHD_Daemon *daemon,
           if (0 != (daemon->options & MHD_USE_TLS))
             {
               gnutls_datum_t dhpar;
+              size_t pstr_len;
 
               if (gnutls_dh_params_init (&daemon->https_mem_dhparams) < 0)
                 {
@@ -5052,7 +5086,16 @@ parse_options_va (struct MHD_Daemon *daemon,
                   return MHD_NO;
                 }
               dhpar.data = (unsigned char *) pstr;
-              dhpar.size = strlen (pstr);
+              pstr_len = strlen (pstr);
+              if (UINT_MAX < pstr_len)
+                {
+#ifdef HAVE_MESSAGES
+                  MHD_DLOG (daemon,
+                            _("Diffie-Hellman parameters string too long\n"));
+#endif
+                  return MHD_NO;
+                }
+              dhpar.size = (unsigned int) pstr_len;
               if (gnutls_dh_params_import_pkcs3 (daemon->https_mem_dhparams,
                                                  &dhpar,
                                                  GNUTLS_X509_FMT_PEM) < 0)
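Review bot: The new `return MHD_NO` fires after `gnutls_dh_params_init (&daemon->https_mem_dhparams)` has already succeeded (visible in the context of the preceding hunk), but it performs no `gnutls_dh_params_deinit (daemon->https_mem_dhparams);`, so the initialised structure leaks and a stale handle remains in the daemon. The simplest fix is to compute `pstr_len = strlen (pstr);` and run the UINT_MAX check before the init call, so the length error path needs no cleanup; the pstr_len declaration added in the previous hunk would move with it. Alternatively add the deinit call before the return, matching whatever the import-failure branch just below does, which is not shown here. parse_options_va begins and ends outside these hunks.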



